[turtle]

So I'm hosting more things from a Lion Server and now starting to put some php based sites up there. While patches and fixes come out, vulnerabilities will always be there with this great game of cat and mouse. As an admin for a hosting company I see most hacks are limited to the cPanel account when exploits are taken advantage of.

With 10.7 and a MAMP stack what is the level of vulnerability? Seems everything is owned by _www so seems that a hacker who might get a shell (example) in might be able to navigate to other sites and compromise them all. Also, what about beyond the site folders? How far will a shell be able to allow them to get?

Does anyone have any experience with this on Mac? I'm very well versed in CentOS and cPanel/WHM, Mac does things a little different though (shocking).

[PBMB]

I have no experience or knowledge about the specific questions you ask, but talking about the general issue of how far hackers can go, my guess is very far. Just remember the last big vulnerability discovered. Its name is Heartbleed. It is perhaps the most serious vulnerability from every point of view since a very long time, arguably the most serious ever because no traces that information was accessed are left behind. Scary stuff.

[turtle]

Well, in the world of cPanel/WHM each cPanel account is limited to it's own world. This means if shell access is gained it can't do anything other than impact things owned or accessible to the cPanel user. This is true for Linux in general. Sadly this makes me pretty sure that once a hacker is able to access one site they have access to all sites. Mac is Unix at it's core after all.

[Ebby]

I had someone upload a PHP script and start browsing to the root of my drive. No telling what was compromised or if they uploaded/downloaded files. I am hoping permissions saved my toast. That was several system wipes ago so I doubt I have any problems now, but that did tick me off long ago.

Just because your site is small or insignificant doesn't mean you go lax on security